this post was submitted on 16 Jul 2023
63 points (97.0% liked)

Selfhosted

40133 readers
519 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hi there, I was intrigued by the idea of self-hosting my social media accounts, but was more or less a complete noob with all things hosting. However, with the help of the community here (and quite a few hours spent on it) I finally have a working setup! Mastodon, Matrix, Lemmy, Nextcloud all self-hosted behind Nginx Proxy Manager.

Google can find a lot of answers, but sometimes some really specific input is needed - which you guys have provided over the last couple of weeks - so I just wanna say thank you for that!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 10 points 1 year ago (2 children)

Congrats on your first setup. I would recommend making sure you have fail2ban set up and test it. If you're keeping anything important, get backups going.. I worry for new self-hosters that may have a security issue and lose their hard work to a vulnerability.

[–] [email protected] 6 points 1 year ago (1 children)

I have fail2ban running as well, didn‘t mention it in the op. Also closed all ports beside 80 and 443, which are routed through my NPM proxy. SSH is allowed, but login only with ssh key, no pw authentication.

So far it‘s running well, but I expect things to break when I‘ll need to update parts of it. I have a snapshot from which i can reinstall, but recurring backups need yet to be set up.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

Sounds great! By the way, if you're using docker, be careful not to accidentally have a container open a port on all interface. Even if you have a firewall configured on the machine, sometimes docker can punch a hole without you knowing. Might be a good idea to run a port scan from an external computer from time to time just to makes sure no unwanted open ports.